
Abstract:

A first storage device provides a host device with access to a private
memory area by communicating a password between the first storage device
and a second storage device via the host device using a double-encryption
scheme. In one embodiment, a host device receives a twice-encrypted
password from a first storage device, sends the twice-encrypted password
to a second storage device, receives a once-encrypted password from the
second storage device, decrypts the once-encrypted password to obtain the
password, and sends the password to the first storage device. In another
embodiment, a first storage device sends a twice-encrypted password to a
host device, receives the password from the host device after the
twice-encrypted password is decrypted by a second storage device and the
host device, and provides the host device with access to the private
memory area only if the password matches one that is stored in the first
storage device.

Claims:

1. A method for communicating a password between first and second storage
devices through a host device, the method comprising: performing by a
host device which is in communication with first and second storage
devices: receiving a twice-encrypted password from the first storage
device, the password being useable for accessing a private memory area in
the first storage device; sending the twice-encrypted password to the
second storage device, wherein the second storage device is configured to
decrypt the twice-encrypted password to obtain a once-encrypted password;
receiving the once-encrypted password from the second storage device;
decrypting the once-encrypted password to obtain the password; and
sending the password to the first storage device.

2. The method of claim 1, wherein the host device receives the
once-encrypted password from the second storage device via an unsecured
channel and sends the password to the first storage device in plaintext
form via a secured channel using a session key.

3. The method of claim 1, wherein decrypting the once-encrypted password
to obtain the password comprises: calculating a decryption key; and
decrypting the once-encrypted password with the decryption key.

4. The method of claim 1, wherein the twice-encrypted password is stored
in a hidden area in the first storage device.

5. The method of claim 1, wherein the host device gains access to the
private memory area only if the password matches one that is stored in
the first storage device.

6. The method of claim 1, wherein the second storage device comprises a
smart card.

9. The method of claim 1 further comprising sending a command to read or
write to the private memory area after sending the password to the first
storage device.

10. A host device comprising: a first interface configured to communicate
with a first storage device; a second interface configured to communicate
with a second storage device; a controller in communication with the
first and second interfaces, wherein the controller is configured to:
receive a twice-encrypted password from the first storage device, the
password being useable for accessing a private memory area in the first
storage device; send the twice-encrypted password to the second storage
device, wherein the second storage device is configured to decrypt the
twice-encrypted password to obtain a once-encrypted password; receive the
once-encrypted password from the second storage device; decrypt the
once-encrypted password to obtain the password; and send the password to
the first storage device.

11. The host device of claim 10, wherein the host device receives the
once-encrypted password from the second storage device via an unsecured
channel and sends the password to the first storage device in plaintext
form via a secured channel using a session key.

12. The host device of claim 10, wherein decrypting the once-encrypted
password to obtain the password comprises: calculating a decryption key;
and decrypting the once-encrypted password with the decryption key.

13. The host device of claim 10, wherein the twice-encrypted password is
stored in a hidden area in the first storage device.

14. The host device of claim 10, wherein the host device gains access to
the private memory area only if the password matches one that is stored
in the first storage device.

15. The host device of claim 10, wherein the second storage device
comprises a smart card.

18. The host device of claim 10, wherein the controller is further
configured to send a command to read or write to the private memory area
after sending the password to the first storage device.

Description:

CROSS-REFERENCE TO RELATED APPLICATIONS

[0001] This application is a continuation of International Application No.
PCT/IB2010/002077, with an international filing date of Aug. 25, 2010.
This application also claims the benefit of U.S. provisional patent
application Nos. 61/357,404 and 61/357,405, both filed on Jun. 22, 2010.
Each of these applications is hereby incorporated by reference.

BACKGROUND

[0002] In some environments, a host device (such as a personal computer)
is used with a first storage device (such as a Universal Serial Bus (USB)
device or an embedded or removable memory card) that contains a
password-protected private memory area and a second storage device (such
as a smart card) that stores the password usable for accessing the
private memory area in the first storage device. In operation, the second
storage device sends the password to the first storage device via the
host device, and, if that password matches one stored in the first
storage device, the first storage device provides the host device with
access to the private memory area. In this way, the second storage device
is used for authenticating access to the private memory area on the first
storage device.

[0003] A security risk can be presented if the password is transmitted
from the second storage device to the host or from the host to the first
storage device in an unsecured manner. For example, consider the
situation in which the first storage device is a USB device and the
second storage device is a smart card. While some currently-available USB
devices can communicate with a host device over a secure channel, many
currently-available smart cards cannot. Accordingly, even though the
smart card may be able to securely store the password and even though the
transmission of the password from the host device to the USB device can
occur over a secure channel, the absence of a secure channel between the
smart card and the host device creates an opportunity for a hacker to
access the password (because it is transmitted in plaintext form) and
later use that password to gain unauthorized access to the private memory
area of the USB device.

OVERVIEW

[0004] Embodiments of the present invention are defined by the claims, and
nothing in this section should be taken as a limitation on those claims.

[0005] By way of introduction, the below embodiments relate to providing a
host device with access to a private memory area in a first storage
device by communicating a password between the first storage device and a
second storage device via the host device using a double-encryption
scheme.

[0006] In one embodiment, a host device receives a twice-encrypted
password from a first storage device, the password being useable for
accessing a private memory area in the first storage device. The host
device sends the twice-encrypted password to a second storage device,
wherein the second storage device is configured to decrypt the
twice-encrypted password to obtain a once-encrypted password. The host
device then receives the once-encrypted password from the second storage
device, decrypts the once-encrypted password to obtain the password, and
sends the password to the first storage device. The password can be sent
from the host device to the first storage device through a secure
channel, if one is available.

[0007] In another embodiment, a first storage device sends a
twice-encrypted password to a host device, the password being useable for
accessing a private memory area in the first storage device. The host
device is configured to send the twice-encrypted password to the second
storage device for decryption to obtain a once-encrypted password,
receive the once-encrypted password from the second storage device, and
decrypt the once-encrypted password to obtain the password. The first
storage device receives the password from the host device and provides
the host device with access to the private memory area only if the
password matches one that is stored in the first storage device. The
password can be sent from the host device to the first storage device
through a secure channel, if one is available.

[0008] Other embodiments are possible, and each of the embodiments can be
used alone or together in combination. Accordingly, various embodiments
will now be described with reference to the attached drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

[0009] FIG. 1 is a block diagram of an exemplary host device and first and
second storage devices of an embodiment.

[0010] FIG. 2 is a flow chart of a method of an embodiment for
communicating a password between first and second storage devices through
a host device.

[0011] FIG. 3 is a block diagram of an exemplary host device and first and
second storage devices of an embodiment.

[0012] FIG. 4 is a timing diagram of a method of an embodiment for
communicating a password between first and second storage devices through
a host device.

DETAILED DESCRIPTION OF THE PRESENTLY PREFERRED EMBODIMENTS

Introduction

[0013] In general, the below embodiments relate to communicating a
password between first and second storage devices via a host device using
a double-encryption scheme in order to provide a host device with access
to a private memory area in the first storage device. Before turning to
the details of such communication, an overview of exemplary host and
storage devices is provided.

Exemplary Host and Storage Devices

[0014] Turning now to the drawings, FIG. 1 shows a host device 100 in
communication with first and second storage devices 110, 120 via first
and second interfaces 115, 125, respectively. As used herein, the phrase
"in communication with" could mean directly in communication with or
indirectly in communication with through one or more components, which
may or may not be shown or described herein. For example, the interfaces
115, 125 can contain the physical and electrical connectors to send data
and commands between the first and second storage devices 110, 120 and
the host device 100. FIG. 1 shows that the host device 110 comprises a
controller 130 and a memory 135, although the host device 110 can contain
additional elements, which are not shown in FIG. 1 to simplify the drawing.
A host device 110 can take any suitable form, such as, but not limited
to, a personal computer (PC), a mobile phone, a digital media player, a
game device, a personal digital assistant (PDA), a kiosk, a set-top box,
a TV system, a book reader, or any combination thereof.

[0015] The first storage device 110 can take any suitable form, such as,
but not limited to, an embedded memory (e.g., a secure module embedded in
the host device 110), a universal serial bus (USB) device, a smart card,
a handheld, removable memory card, or a removable or non-removable hard
drive, such as a solid-state drive. As shown in FIG. 1, the first storage
device 110 comprises an interface 140 to communicate with the host device
140, a controller 150, and a memory 160. The first storage device 110 can
contain additional elements, which are not shown in FIG. 1 to simplify the
drawing.

[0016] The controller 150 can include, for example, a central processing
unit (CPU), a crypto-engine operative to provide encryption and/or
decryption operations, random access memory (RAM), and read only memory
(ROM) for storing firmware for the basic operations of the first storage
device 110. The controller 150 can be implemented in any suitable manner.
For example, the controller 150 can take the form of a microprocessor or
processor and a computer-readable medium that stores computer-readable
program code (e.g., software or firmware) executable by the
(micro)processor, logic gates, switches, an application specific
integrated circuit (ASIC), a programmable logic controller, and an
embedded microcontroller, for example. Examples of controllers include,
but are not limited to, the following microcontrollers: ARC 625D, Atmel
AT91SAM, Microchip PIC18F26K20, and Silicon Labs C8051F320. The
controller 150 can also be implemented as part of the memory control
logic.

[0017] The first storage device 110 also contains a memory 160, which can
take any suitable form, such as, but not limited to, a mass storage
device with solid-state (e.g., flash) memory. In this embodiment, the
memory 160 of the first storage device 110 contains three areas or
partitions: a hidden memory area 162, a private memory area 164, and a
public memory area 166. The hidden memory area 162, the private memory
area 164, and the public memory area 166 can all be part of the same
physical memory device, or some or all of the areas 162, 164, 166 can be
in separate physical memory devices. The hidden memory area 162 is
"hidden" because it is internally managed by the controller 150 (and not
by the host's controller 130). Data stored in the hidden memory area 162
can also be encrypted. As will be described in more detail below, the
hidden memory area 162 can store a password useable for accessing the
private memory area 164. The hidden memory area 162 can also store other
information, such as, for example, firmware code used by the controller
150 to control operation of the first storage device 110. Unlike the
hidden memory area 162, the private and public memory areas 164, 166 can
be used to store user data. However, while the public memory area 166 is
generally accessible, the controller 150 only provides access to the
private memory area 164 if the proper password is provided or some other
type of authentication process is satisfied. In this way, the private
memory area 164 can be used to securely store data.

[0018] Like the first storage device 110, the second storage device 120
can take any suitable form. In one embodiment, the second storage device
120 takes the form of a smart card. However, the second storage device
120 can take other forms, such as, but not limited to, an embedded memory
(e.g., a secure module embedded in the host device 110), a universal
serial bus (USB) device, a handheld, removable memory card, or a
removable or non-removable hard drive, such as a solid-state drive. As
shown in FIG. 1, the second storage device 120 comprises an interface 170
to communicate with the host device 140, a controller 180, and a memory
190. The second storage device 120 can contain additional elements, which
are not shown in FIG. 1 to simplify the drawing. The controller 180 and
memory 190 can take any suitable form and can be similar to or different
from the form of the controller 150 and memory 160 in the first storage
device 110.

Communicating a Password Using a Double-Encryption Scheme

[0019] The host device 110 and first and second storage devices 110, 120
can be used in any suitable manner. In one embodiment, the second storage
device 120 (e.g., a smart card) is used for authenticating access to the
private memory area 164 in the first storage device 110 (e.g., a USB
drive or embedded memory). As discussed in the background section above,
a security risk can be presented in such an arrangement. For example,
while some currently-available USB devices can communicate with a host
device over a secure channel, many currently-available smart cards
cannot. Accordingly, even though the smart card may be able to securely
store the password and even though the transmission of the password from
the host device to the USB device can occur over a secure channel, the
lack of a secure channel between the smart card and the host device
creates an opportunity for a hacker to be able to access the password
(because it is transmitted in plaintext form) and later use that password
to gain unauthorized access to the private memory area of the USB device.

[0020] In order to address this problem, the following embodiment uses a
double-encryption scheme to protect the password even though there may
not be a secure channel between the second storage device 120 and the
host device 100. In general, the password (e.g., a device key) used for
unlocking the private memory area 164 of the first storage device 110 is
encrypted twice during system initialization and stored in the hidden
memory area 162 of the first storage device 110. In this embodiment, the
password is first encrypted with a unique key that is accessible only to
the host device 100 and then is encrypted a second time with a unique key
that is accessible only to the second storage device. This
twice-encrypted password can be used to securely transmit the password
even though a secure channel is not present between the second storage
device 120 and the host device 100, as will be illustrated through the
discussion of the flow chart 200 in FIG. 2.

[0021] As shown in the flow chart 200 in FIG. 2, the host device 100
receives the twice-encrypted password from the first storage device 110
(act 210) and then sends the twice-encrypted password to the second
storage device (act 220). The second storage device 120 then uses its
unique key to decrypt the twice-encrypted password to obtain a
once-encrypted password (i.e., the password encrypted with the host
device's unique key). The host device 110 then receives the
once-encrypted password from the second storage device 120 (act 230).
Even though the second storage device 120 does not have a secure channel
with the host device 110, the transmitted password is encrypted. So, even
if a hacker captures the once-encrypted password in transit between the
second storage device 120 and the host device 100, the hacker would not
have access to the password itself because it is encrypted. When the host
device 100 receives the once-encrypted password, the host device 100
decrypts it with its unique key to obtain the password (act 240) and then
sends the password in plaintext form to the first storage device via a
secured channel (act 250). In addition to storing the once-encrypted
password, the first storage device 110 can store the plaintext form of
the password (preferably in the hidden memory area 162) and compare the
plaintext form of the password received from the host device 100 with the
plaintext form of the password stored in its memory 160. If the passwords
match, the first storage device 110 can provide the host device 100 with
access to the private memory area 164, and the host device 100 can send
read/write commands to access the private memory area 164.

[0022] Turning again to the drawings, FIGS. 3 and 4 are a block diagram
and timing diagram 400 that provide another illustration of this embodiment.
FIG. 3 shows a host device 300 in communication with first and second
storage devices 310, 320. The first storage device 310 contains a hidden
memory partition 325 that stores a password that can be used to unlock
the private memory partition 345 and is twice encrypted: once with a key
unique to the second storage device 320 and afterwards with a key unique
to the host device 300. The device platform protection block 340 is part
of the first storage device's controller and enables access to the
private partition 345 if a received password matches a device unlock
password, which can be stored in the hidden partition 325. The host
device 300 implements a "trusted agent" 300, which can be a software
application running on the host device's controller. The trusted agent
can perform encryption, establish a secure channel with the first storage
device 310, present a graphical user interface to collect user
information, and perform other tasks. The second storage device 320 has
an interface 335, which can be implemented on the second storage device's
controller, that is configured to perform decryption using the second
storage device's unique key (the "unlock key").

[0023] With reference to the timing diagram in FIG. 4 and the block
diagram in FIG. 3, in the embodiment, the trusted agent 330 asks the user
of the host device 300 for a PIN number (or other type of identifier) to
authenticate the user to the second storage device 320. The second
storage device 320 then verifies the PIN and grants access to the second
storage device's unique key (here, an RSA key). The trusted agent 330
also creates a secure channel with the first storage device 310. In this
example, the first storage device 310 is a USB device operating under the
U3 standard, and a secure channel is created based on an RSA 512
challenge-response process. After the secure channel is created, the
trusted agent reads the twice-encrypted password from the first storage
device 310 and sends it to the second storage device 320 along with a
request to decrypt the twice-encrypted password with the RSA key stored
in the second storage device 320. The second storage device 320 decrypts
the twice-encrypted password to obtain the once-encrypted password and
then sends the once-encrypted password to the trusted agent 330. The
trusted agent 330 then decrypts the once-encrypted password to obtain the
password in plaintext form. For example, the trusted agent 330 can
calculate or extract a unique device decryption key (e.g., a unique AES
key) and then decrypt the once-encrypted password with the unique AES key
to obtain the password in plaintext form. The trusted agent 330 then
encrypts the password using the session key of the secure session and
sends the password to the first storage device 310 along with a command
to unlock the private U3 partition. The first storage device 310 verifies
the password by having the device platform protection block 340 compare
the password received from the trusted agent with the device unlock
password stored in the first storage device 310. After the password has
been verified, the device platform protection block 340 enables access to
the private partition 345, so that the host device 300 can send
read/write legacy commands to read from and write to the private
partition 345.
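The flow of acts 210-250 in [0021] and the PIN-gated FIG. 4 sequence in [0023], simulated end to end as an added example; this is not code from the application. It assumes: all keys (host key, smart card key, session key) are random 32-byte values, the session key from the RSA 512 challenge-response handshake is already established and simply passed in, and the cipher is a stand-in authenticated encryption built from HMAC-SHA256 (counter-mode keystream plus a tag) so the script runs on the Python standard library alone. The application's example uses an RSA key on the card and an AES key on the host; the two-layer construction is the same. The class and method names (`SmartCard`, `StorageDevice`, `Host`, `unlock_private_area`, and so on) are invented for the example.

```python
"""Double-encryption password flow of FIG. 2 / FIG. 4, simulated end to end.

Constructed example: keys are random 32-byte values and the cipher is a stand-in
AEAD built from HMAC-SHA256 (counter-mode keystream plus tag) so the script runs
on the standard library alone; the page's example uses RSA and AES instead.
"""
import hashlib
import hmac
import os

NONCE_LEN, TAG_LEN = 16, 32


def _subkeys(key: bytes):
    """Derive separate encryption and MAC keys from one 32-byte key."""
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR data with an HMAC-SHA256 counter-mode keystream."""
    stream = b""
    for counter in range(len(data) // 32 + 1):
        stream += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC; returns nonce || ciphertext || tag."""
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(NONCE_LEN)
    ct = _xor_stream(enc_key, nonce, plaintext)
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def open_sealed(key: bytes, sealed: bytes) -> bytes:
    """Inverse of seal(); a wrong key or altered bytes fail the tag check."""
    if len(sealed) < NONCE_LEN + TAG_LEN:
        raise ValueError("ciphertext too short")
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = sealed[:NONCE_LEN], sealed[NONCE_LEN:-TAG_LEN], sealed[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication failed: wrong key or tampered ciphertext")
    return _xor_stream(enc_key, nonce, ct)


class SmartCard:
    """Second storage device: its unique key is used only after the PIN check."""
    def __init__(self, pin: str):
        self._unique_key = os.urandom(32)  # constructed stand-in for the card's RSA key
        self._pin = pin
        self.authenticated = False

    def verify_pin(self, pin: str) -> bool:
        self.authenticated = hmac.compare_digest(pin.encode(), self._pin.encode())
        return self.authenticated

    def add_outer_layer(self, once_encrypted: bytes) -> bytes:
        """System initialization; with an RSA card key this would use the public half."""
        return seal(self._unique_key, once_encrypted)

    def remove_outer_layer(self, twice_encrypted: bytes) -> bytes:
        """Acts 220/230: the card peels only its own layer and never sees the password."""
        if not self.authenticated:
            raise PermissionError("smart card: PIN not verified")
        return open_sealed(self._unique_key, twice_encrypted)


class StorageDevice:
    """First storage device; both values live in the hidden area its controller manages."""
    def __init__(self, twice_encrypted: bytes, unlock_password: bytes):
        self.hidden_twice_encrypted = twice_encrypted
        self._hidden_unlock_password = unlock_password
        self.private_area_unlocked = False

    def unlock(self, session_key: bytes, sealed_password: bytes) -> bool:
        """Act 250 receiver: open the session-sealed password, grant access only on a match."""
        password = open_sealed(session_key, sealed_password)
        self.private_area_unlocked = hmac.compare_digest(password, self._hidden_unlock_password)
        return self.private_area_unlocked


class Host:
    """Trusted agent on the host; its unique key never leaves the host."""
    def __init__(self):
        self._unique_key = os.urandom(32)  # constructed stand-in for the host's AES key

    def provision(self, password: bytes, card: SmartCard) -> StorageDevice:
        """Initialization: host layer first, card layer second, result stored in the hidden area."""
        return StorageDevice(card.add_outer_layer(seal(self._unique_key, password)), password)

    def unlock_private_area(self, dev: StorageDevice, card: SmartCard, session_key: bytes):
        """Acts 210-250; returns (granted, the bytes that crossed the unsecured host/card link)."""
        once = card.remove_outer_layer(dev.hidden_twice_encrypted)  # acts 210-230
        password = open_sealed(self._unique_key, once)              # act 240
        sealed = seal(session_key, password)                        # act 250, secure channel
        return dev.unlock(session_key, sealed), once
```

The point the application makes about the unsecured host/card link is visible in what `unlock_private_area` returns: the second element is exactly what an observer of that link would capture, and it still carries the host's layer, so opening it requires the host key. The card refuses to peel its layer before `verify_pin` succeeds, and the storage device grants access only when the password delivered over the session-keyed channel matches the one in its hidden area; a tampered once-encrypted value is rejected by the tag check on the host rather than yielding a garbled password.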

[0024] As illustrated by these examples, these embodiments can be used to
securely communicate a password from a second storage device to a first
storage device via a host device even though a secure communication
channel does not exist between the second storage device and the host
device. This avoids the security risk discussed in the background section
above. Like the prior approaches, the second storage device is still used
to authenticate the host device to the first storage device. However,
instead of sending the password itself, the second storage device
provides one level of decryption that is needed to render the password.

CONCLUSION

[0025] It is intended that the foregoing detailed description be
understood as an illustration of selected forms that the invention can
take and not as a definition of the invention. It is only the following
claims, including all equivalents, that are intended to define the scope
of the claimed invention. Finally, it should be noted that any aspect of
any of the preferred embodiments described herein can be used alone or in
combination with one another.